99a10f8056c9ee9fc0022de159e6be27

Sharing

Copy URL Twitter E-mail

General

Target

99a10f8056c9ee9fc0022de159e6be27
Size

148KB
MD5

99a10f8056c9ee9fc0022de159e6be27
SHA1

624b1d7d1c2bde686bf879d615c53ae2d7624382
SHA256

7fa8c1522ce67c70f413d6d37ea5edb4cab53ee79f48911d22cc59e151102a5e
SHA512

fe8e3b0df413f84fcbcfc0e16fe522a0ec8e4b8a3a35d0c04300e32eb7798bcbe3740ee8cee84f7eb3d8ca36ccf8c9a69fb32b86992c86c5a225e7218db0bd70
SSDEEP

3072:Ub6IDy2we3crGOhT58QeHNKYgUX7ajGnRncLrW:Uny2juGi2TNXgULaSKf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99a10f8056c9ee9fc0022de159e6be27

Files

99a10f8056c9ee9fc0022de159e6be27
.exe windows:4 windows x86 arch:x86

b71d5c724191c4440e5e2e6b150b981d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
RemoveDirectoryA
FlushFileBuffers
CreateThread
GetVersion
LocalFree
LocalAlloc
GetVolumeInformationA
DeleteCriticalSection
WaitForMultipleObjects
CreateFileA
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
SetFileAttributesA
GetFileAttributesA
GetProfileStringW
DeleteFileA
FindFirstChangeNotificationA
ResetEvent
GetTempPathA
CopyFileA
GetLocalTime
GetStartupInfoA

user32

RegisterWindowMessageA
SendMessageA
FindWindowA

comdlg32

ChooseColorA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

ole32

CoRevokeClassObject
OleSetContainedObject

comctl32

ord17
ImageList_Add
ImageList_GetIcon
_TrackMouseEvent
ImageList_DragLeave

wininet

InternetSetFilePointer
InternetOpenA
HttpQueryInfoA
InternetWriteFile
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetSetStatusCallback

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
malloc
free
fopen
fseek
__setusermatherr
fwrite
fclose
wcslen

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b71d5c724191c4440e5e2e6b150b981d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

comctl32

wininet

msvcrt

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 52KB - Virtual size: 598KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 52KB - Virtual size: 598KB

.rsrc
Size: 4KB - Virtual size: 2KB